May 2022 - DNS | Security

Why Preventing, Mitigating & Fighting Abuse Concern Everyone

Thomas Rickert and Lars Steffen from the eco Association, on the importance of acting and collaborating in the fight against abuse involving the DNS.

Why Preventing, Mitigating & Fighting Abuse Concern Everyone-web

©Istoma |

Can you imagine a world without the Internet? Probably not. It is the proven backbone of providing and sharing data, information, and services. Digitalization has probably already reached every aspect of our life. Very often the Internet is a mirror of reality. That means in turn that, very often, the Internet plays home to both the good and the bad. This is not a surprise. Given that the Internet is no longer new, the majority of the Internet industry is well prepared and active at preventing, mitigating, and fighting abusive activities online. However, what is new is the level of discussion and debate on abuse, as we currently see on DNS abuse.

For example, even though the Internet Corporation for Assigned Names and Numbers (ICANN) and its multi-stakeholder community have already been engaged in an extended dialogue on the topic of DNS abuse for over a decade, the topic of DNS abuse seems to be on everyone's mind these days. No ICANN meeting goes by without sessions on DNS abuse, while every industry event seems to put panel discussions and workshops on its agenda, and on 31 January the European Commission published its own study on DNS abuse. There are also working groups, teams, and committees among the different parts of the ICANN community and a number of industry driven initiatives, like the Internet & Jurisdiction Policy Network, the DNS Abuse Institute by PIR, and eco’s topDNS Initiative, that help to structure the discussion.

This clearly shows many stakeholders have an interest in the stable, safe, and secure operation of the DNS. It has proven to be the foundation for the global expansion of the Internet as a universal public resource. However, like every innovation and every technology, the Internet and the DNS are facing abuse. Most involved stakeholders do not deny this either. But sometimes one can get the impression that very detailed interest-led discussions go round in circles regarding who should be responsible for doing what, and losing focus on the real issue. In these discussions some people are saying that the industry is not doing enough. And at the other end of the spectrum, you see people saying: well, actually, no, we are. The truth often lies in the middle – you need to be proportionate and reasonable in what you are asking others to do.

Self-regulation – the importance of the industry seeking solutions to challenges

By way of making the burden on Internet industry companies proportionate, at the eco Association, we work to support in their efforts to combat abuse. For more than 25 years, eco has been intrinsically motivated to make sure that abuse and illegal content are combated, and that crimes are prosecuted. Cooperating with the various stakeholders in the process is as important to us as neutrality and transparency. The eco Complaints Office, founding member of the INHOPE network, reports regularly on its experiences in combating illegal content online. Equally, since 2004 the Certified Senders Alliance has been a successful best-practice example of how email senders and mailbox providers can collaborate in a self-regulatory trusted notifier framework to fight spam and phishing. Working groups dealing with the constant development of improved measures against abuse and projects to fight botnets within eco complete the broad portfolio of expertise within the association, and demonstrate the importance of these successful self-regulatory initiatives.

Talking about self-regulation: Technical developments are, by their nature, by their dynamics, always faster than what legislators could ever achieve. Moreover, the Internet is borderless. It is a global tool that can be used by almost anyone around the world, whereas legislative initiatives by law makers usually have only national reach. If you are lucky, they have a regional reach, but there are almost no legislative initiatives that are binding on a global level. And that is why it's always good for an industry to come up with ideas on how to respond to the challenges facing it with appropriate measures. There is a risk of being held accountable for what your own users do. Then there is also the risk of legislators stepping in – perhaps with the best of intentions, but still intervening with legal instruments, laws, and regulations that go too far or have side effects that are detrimental to economic development and the use of technology.

Our goal is to bring all relevant stakeholders and intermediaries to the table and put up for discussion all different types of abuse that harm everyone on the Internet, to talk about roles and responsibilities across the board with the entire industry.  The task of tackling and preventing abuse on the Internet is a complex one, one which needs to avoid collateral damage to freedom and diversity of speech and overblocking. It’s time to act and collaborate, not to point fingers at each other. It’s time to give visibility to those who are engaged in the fight against abuse. It’s time for sharing best practices with well-meaning players so that they can become better.

Making the Internet a nice neighborhood to do business

In January 2020, Michele Neylon, long-standing eco member and CEO of Blacknight, a web hosting company based in Ireland, summarized perfectly why it is worth the effort to mitigate and fight abuse: “You know, you could live in the nicest neighborhood in whichever city or town you’re living in. But you don’t want to live in a neighborhood where there’s rats bouncing across your front yard every morning, the bins are spilling out into the street, there’s burnt-out cars at every corner. You don’t want to live in that neighborhood. And why would anybody want to do business in that neighborhood? If you let the Internet’s ecosystem degrade in that respect, then you end up in a situation where you end up going backwards. And that’s not what we want – we want to move forward.”


Attorney-at-law and domain law expert Thomas Rickert is Director of the Names & Numbers Forum at eco - Association of the Internet Industry (

Thomas Rickert is a member of the GNSO (Generic Names Supporting Organization) Council of the Internet Corporation for Assigned Names and Numbers ( Currently, At the beginning of 2022 he initiated the topDNS Initiative ( that unites members of the eco Association to fight DNS abuse. Further, Thomas Rickert is managing director of the law firm Rickert Rechtsanwaltsgesellschaft mbH (, which is specialized in legal issues of the digital economy.

Lars Steffen is Director International at eco – Association of the Internet Industry (, the largest Internet industry association in Europe. At eco, he coordinates all international activities of the association and takes care of the members from the domain name industry.